| 1 |
On 03/08/2015 07:59 AM, Patrick Schleizer wrote: |
| 2 |
> Zac Medico: |
| 3 |
>> On 03/06/2015 09:50 AM, Mark Kubacki wrote: |
| 4 |
>>> We're on the same side here. |
| 5 |
>>> |
| 6 |
>>> Do we have numbers showing the ratio "portage used with defaults" vs. |
| 7 |
>>> where "[webrsync-gpg] is described in many hardening guides for gentoo |
| 8 |
>>> and widely used among the security conscious" applies? |
| 9 |
>>> |
| 10 |
>>> DNS not being encrypted is just painting the whole picture. Point is, |
| 11 |
>>> the default is that "emerge --sync" results in a transfer using RSYNC |
| 12 |
>>> (or http). |
| 13 |
>>> |
| 14 |
>>> And by default you cannot compare the result with any authoritative source. |
| 15 |
>>> |
| 16 |
>> |
| 17 |
>> Ideally, we can rely on security mechanisms built into git [1], possibly |
| 18 |
>> involving signed commits. |
| 19 |
>> |
| 20 |
>> [1] https://github.com/gentoo/gentoo-portage-rsync-mirror |
| 21 |
> |
| 22 |
> Then the question is, how secure are signatures when used wit hgit? |
| 23 |
|
| 24 |
And once we answer that question, the question is, is git secure enough |
| 25 |
for our needs? |
| 26 |
|
| 27 |
> A while ago I wrote a blog post asking that question, referencing a lot |
| 28 |
> related information, started a discussion and also posted this on the |
| 29 |
> git mailing list. |
| 30 |
> |
| 31 |
> "How safe are signed git tags? Only as safe as SHA-1 or somehow safer?" |
| 32 |
> [1] [2] |
| 33 |
> |
| 34 |
> Cheers, |
| 35 |
> Patrick |
| 36 |
> |
| 37 |
> [1] |
| 38 |
> https://www.whonix.org/blog/how-safe-are-signed-git-tags-only-as-safe-as-sha-1-or-somehow-safer |
| 39 |
> [2] http://www.mail-archive.com/git@×××××××××××.org/msg61087.html |
| 40 |
|
| 41 |
For the time being, I think that git is secure enough for our needs, and |
| 42 |
I trust that git will implement stronger security soon enough. |
| 43 |
-- |
| 44 |
Thanks, |
| 45 |
Zac |
Archives